- update to 3.19

* Firefox target release 39
  New functionality:
  * For some certificates, such as root CA certificates, that don't
    embed any constraints, NSS might impose additional constraints,
    such as name constraints. A new API has been added that allows
    to lookup imposed constraints.
  * It is possible to override the directory in which the NSS build
    system will look for the sqlite library.
  New Functions:
  * CERT_GetImposedNameConstraints
  Notable Changes:
  * The SSL 3 protocol has been disabled by default.
  * NSS now more strictly validates TLS extensions and will fail a
    handshake that contains malformed extensions.
  * Fixed a bug related to the ordering of TLS handshake messages.
  * In TLS 1.2 handshakes, NSS advertises support for the SHA512
    hash algorithm, in order to be compatible with TLS servers
    that use certificates with a SHA512 signature.

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=179

mozilla-nss.changes

@@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Sat May 23 07:36:27 UTC 2015 - wr@rosenauer.org
+
+- update to 3.19
+  * Firefox target release 39
+  New functionality:
+  * For some certificates, such as root CA certificates, that don't
+    embed any constraints, NSS might impose additional constraints,
+    such as name constraints. A new API has been added that allows
+    to lookup imposed constraints.
+  * It is possible to override the directory in which the NSS build
+    system will look for the sqlite library.
+  New Functions:
+  * CERT_GetImposedNameConstraints
+  Notable Changes:
+  * The SSL 3 protocol has been disabled by default.
+  * NSS now more strictly validates TLS extensions and will fail a
+    handshake that contains malformed extensions.
+  * Fixed a bug related to the ordering of TLS handshake messages.
+  * In TLS 1.2 handshakes, NSS advertises support for the SHA512
+    hash algorithm, in order to be compatible with TLS servers
+    that use certificates with a SHA512 signature.
+
 -------------------------------------------------------------------
 Thu Apr 23 06:35:27 UTC 2015 - wr@rosenauer.org
 

mozilla-nss.spec

@@ -17,7 +17,7 @@
 #
 
 
-%global nss_softokn_fips_version 3.12.4
+%global nss_softokn_fips_version 3.18
 
 Name:           mozilla-nss
 BuildRequires:  gcc-c++
@@ -25,7 +25,7 @@ BuildRequires:  mozilla-nspr-devel >= 4.10.8
 BuildRequires:  pkg-config
 BuildRequires:  sqlite-devel
 BuildRequires:  zlib-devel
-Version:        3.18.1
+Version:        3.19
 Release:        0
 # bug437293
 %ifarch ppc64
@@ -36,8 +36,8 @@ Summary:        Network Security Services
 License:        MPL-2.0
 Group:          System/Libraries
 Url:            http://www.mozilla.org/projects/security/pki/nss/
-Source:         https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_18_1_RTM/src/nss-%{version}.tar.gz
-# hg clone https://hg.mozilla.org/projects/nss nss-3.18.1/nss ; cd nss-3.18.1/nss ; hg up NSS_3_18_1_RTM
+Source:         https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_19_RTM/src/nss-%{version}.tar.gz
+# hg clone https://hg.mozilla.org/projects/nss nss-3.19/nss ; cd nss-3.19/nss ; hg up NSS_3_19_RTM
 #Source:         nss-%{version}.tar.gz
 Source1:        nss.pc.in
 Source3:        nss-config.in

nss-3.18.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:10d005ca1b143a8b77032a169c595d06cf42d16d54809558ea30f1ffe73fef70
-size 6945125

nss-3.19.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:989ebdf79374f24181f060d332445b1a4baf3df39d08514c4349ba8573cefa9b
+size 6951461